Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
735
Views
0
Helpful
3
Replies

IPSEC uptime on Cisco 2811

Rahul Khude
Level 1
Level 1

‎04-29-2018 11:13 PM - edited ‎03-12-2019 05:14 AM

Hello,

We have a old out of support Cisco 2811 router in network. We have IPSEC session configured on it to remote peer in carrier network. Its running Cisco IOS Software, 2800 Software (C2800NM-ADVSECURITYK9-M), Version 12.4(8d),  RELEASE SOFTWARE (fc2)

When I check crypto session details with "show crypto session detail" command, I cant see session uptime. Is it a IOS limitation?

How can I determine the uptime of the crypto IPSEC session? We do not have access to remote router.

 

XXXX#sh crypto session detail
Crypto session current status

Code: C - IKE Configuration mode, D - Dead Peer Detection
K - Keepalives, N - NAT-traversal, X - IKE Extended Authentication

Interface: FastEthernet0/1
Session status: UP-ACTIVE
Peer: 193.251.154.142 port 4500 fvrf: (none) ivrf: (none)
      Phase1_id: 193.251.154.142
      Desc: (none)
  IKE SA: local 192.168.1.4/4500 remote 193.251.154.142/4500 Active
          Capabilities:DN connid:1 lifetime:10:41:06
  IPSEC FLOW: permit ip host 57.218.14.23 0.0.0.0/0.0.0.0
        Active SAs: 2, origin: crypto map
        Inbound:  #pkts dec'ed 3988 drop 0 life (KB/Sec) 4566272/236
        Outbound: #pkts enc'ed 3814 drop 1 life (KB/Sec) 4566262/236

Labels:
0 Helpful
3 Replies 3

Marius Gunnerud
VIP
VIP

‎04-30-2018 08:32 AM

I think it is a limitation to the IOS version you are running.  Just checked a 2800 router running 12.4(24)T8 and up time is there.

You could try show crypto session brief.  This might show the uptime for you.

--
Please remember to select a correct answer and rate helpful posts
0 Helpful

Rahul Khude
Level 1
Level 1
In response to Marius Gunnerud

‎04-30-2018 08:19 PM

Unfortunately CLI in this IOS do not have option to "brief"

 

XXXX#sh crypto session ?
  detail   detailed output
  fvrf     Front-door VRF
  groups   show all connected groups usage
  ivrf     Inside VRF
  local    Show crypto sessions for a local crypto endpoint
  remote   Show crypto sessions for a remote IKE peer
  summary  show groups and their members
  |        Output modifiers
  <cr>

0 Helpful

Marius Gunnerud
VIP
VIP
In response to Rahul Khude

‎05-01-2018 02:21 AM

Then if you want this feature I believe you need to upgrade your router.

--
Please remember to select a correct answer and rate helpful posts
0 Helpful
Customers Also Viewed These Support Documents